New standard raises the bar on management system certification

An effective management system is an essential business ingredient and having it certified to a recognized standard can bring a number of benefits. Now, the certification process is even better with a new standard for auditors and certification bodies who certify to ISO’s management system standards.

ISO/IEC 17021-1:2015, Conformity assessment – Requirements for bodies providing audit and certification of management systems, Part 1: Requirements, relates to the competence of certification bodies themselves and their auditors. It applies to the auditing and certification of all types of management systems in order to increase their value to public- and private-sector organizations worldwide. The just-published ISO/IEC 17021-1:2015 replaces the second edition of ISO/IEC 17021:2011.

Providing effective tools

Audits and certifications to management system standards (MSS) are a major asset to international trade and essential to the long-term health of the world economy. Attesting the conformity to MSSs, certificates are widely used in global markets to establish confidence between business partners and between organizations and their customers, to qualify suppliers in supply chains, and as a requirement to tender for procurement contracts.

Certification bodies that use the new ISO/IEC 17021-1 will be able to ensure competent audit teams, with adequate resources, following a consistent process and reporting audit results in a consistent manner. It will also help create confidence among regulators, consumers, suppliers and other stakeholders that certificates granted by one certification body are effectively equivalent to that offered by another.

What’s new?
But how does the new ISO/IEC 17021-1:2015 differ from its predecessor (ISO/IEC 17021:2011)? In concrete terms, ISO/IEC 17021-1:2015 has been updated to focus more on how certification services are delivered by a certification body, and as such, the improvements are intended to:

  • Bolster the effectiveness of operational and organization control by certification bodies of remote offices, regardless of their organizational structure
  • Enhance an additional risk management approach
  • Define audit time and audit duration, and then focus requirements for justification on audit duration, which is the time from the opening to the closing meeting

So what does this mean to a certification body currently accredited to ISO/IEC 17021:2011? According to Randy Dougherty and Alister Dalrymple, the co-convenors of the team of experts that developed the standard, there are quite a lot of improvements users will experience. “In our opinion, it will be easier for any current certification body to conform to the changes. Very few certification bodies will need to make any significant changes to their processes. But we also think nearly all of the changes are improvements and will add to the credibility and integrity of certification.”